Categories: News

There’s a huge security flaw on macOS High Sierra that allows admin access without a password

A fix for macOS High Sierra’s security issue is now available. Apple has issued the following statement on the matter:

Security is a top priority for every Apple product, and regrettably we stumbled with this release of macOS.

When our security engineers became aware of the issue Tuesday afternoon, we immediately began working on an update that closes the security hole. This morning, as of 8 a.m., the update is available for download, and starting later today it will be automatically installed on all systems running the latest version (10.13.1) of macOS High Sierra.

We greatly regret this error and we apologize to all Mac users, both for releasing with this vulnerability and for the concern it has caused. Our customers deserve better. We are auditing our development processes to help prevent this from happening again.

==========================

Looks like Apple‘s macOS High Sierra operating system has just had a rather massive vulnerability exposed in the system; allowing anyone to gain system administrator access without even needing to enter a password.

The vulnerability was publically revealed on Twitter earlier, but it’s unknown whether or not Apple was alerted to it beforehand.

The issue remains present as of macOS 10.13.1, the current release of High Sierra. Basically, the issue allows user to enter a System Administrator account when the vulnerability is exploited, and even lets said user to change passwords and view files for pre-existing users on the machine itself. They can even tamper with Apple ID email addresses and do a handful of malicious actions that could otherwise not be possible without access.

For now, the best you can do to protect your Mac is to set a root password, you can view the necessary steps here.

Apple has confirmed that they’re working on a software update to fix the issue, and have published a step-by-step guide to fix the issue but have yet to produce a timeframe for said update, so we can just cross our fingers that it comes soon.

[SOURCE]

Recent Posts

Malaysia Airlines’ new A330neo grounded temporarily due to production issues

Malaysia Airlines has temporarily grounded its brand new Airbus A330neo after completing four commercial flights.…

17 hours ago

Proton e.MAS 7: Here’s how much it cost to maintain this EV

Pro-Net recently revealed that you only need to service the new Proton e.MAS 7 EV…

2 days ago

Proton e.MAS 7: How much does it cost to replace the tyres?

The Proton e.MAS 7 is one of the most value for money SUVs at the…

3 days ago

Samsung to launch its new AI-powered home appliances with improved ecosystem integration at CES 2025

Samsung has announced that it will be holding its press conference titled "AI for All:…

3 days ago

SoyaCincau Awards 2024: The Best Phones of the Year

Modern smartphones are very capable computing devices, thanks to powerful hardware trickling down the price…

3 days ago

CelcomDigi offers 5G Home WiFi at RM69/month for Postpaid customers

If you're a CelcomDigi Postpaid 5G customer and can't get fibre broadband for your home,…

3 days ago

This website uses cookies.